From: Salman Abbas (dukelondon@gmail.com)
Date: Tue Jan 23 2007 - 10:32:08 ART
Hi Allan,
If you want to drop the packets whose source address is not in your routers
Forwarding Table, you must use deny ip any any in the ACL. It doesnt matter
whether or not you want to log.
HTH,
Salman
On 1/23/07, Allan <mincisco@gmail.com> wrote:
>
> Hi Ivan
>
> How about if do not need to log. does need the access-list ?
>
> like ip verify unicast reverse-path
>
>
>
>
>
>
> On 1/23/07, Ivan <ivan@iip.net> wrote:
> >
> > 191.
> >
> > ip verify unicast permit all packet passed check. Also this command
> permit
> > or
> > deny packet from ACL depends on action.
> >
> > On Tuesday 23 January 2007 14:40, Allan wrote:
> > > Hi,
> > >
> > > if I want to drop packets with no source address and log them, which
> > > access list could be use ?
> > >
> > > ip verify unicast reverse-path 190
> > > access-list 190 permit ip any any log
> > >
> > >
> > > ip verify unicast reverse-path 191
> > > access-list 191 deny ip any any log
> > >
> > >
> > > Regards,
> > >
> > > Min
> > >
> > >
> _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> > --
> > Ivan
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Thu Feb 08 2007 - 23:46:57 ART